Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:39 p.m.5 views

CVE-2023-29708

An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload...

7.5CVSS6.8AI score0.05747EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-1790

Malware in sbrugna...

6.1CVSS6.3AI score0.0024EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-15683

Malware in sbrugna...

9.9CVSS9.1AI score0.00381EPSS
Exploits2References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-3821

Malware in sbrugna...

9.1CVSS8.2AI score0.03989EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-13431

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00306EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-33003

Malicious code in bioql PyPI...

10CVSS9.4AI score0.00579EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-53532

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.01169EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/07/06 10:47 p.m.5 views

CVE-2025-3108 Unsafe Deserialization in JsonPickleSerializer Enables Remote Code Execution in run-llama/llama_index

A critical deserialization vulnerability exists in the run-llama/llamaindex library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer prioritiz...

5CVSS0.01612EPSS
Exploits1References2
GithubExploit
GithubExploitadded 2025/05/25 1:14 p.m.585 views

Exploit for CVE-2025-0868

Penetration Testing Project Report: Exploiting CVE-2025-0868...

9.3CVSS8.3AI score0.17281EPSS
Exploits3
RedhatCVE
RedhatCVEadded 2025/05/22 10:42 p.m.9 views

CVE-2022-28582

It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

10CVSS8.1AI score0.18709EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 5:4 p.m.4 views

CVE-2020-19291

A stored cross-site scripting XSS vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo...

5.4CVSS5.5AI score0.00151EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/03/16 1:15 p.m.9 views

CVE-2025-2000

A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats 13. A python process calling Qiskit 0.18.0 through 1.4.1's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded...

9.8CVSS7.8AI score0.00168EPSS
Exploits0References1
CNVD
CNVDadded 2024/07/05 12:0 a.m.4 views

ResidenceCMS Cross-Site Scripting Vulnerability

ResidenceCMS is a fast, lightweight property management system. A cross-site scripting vulnerability exists in ResidenceCMS version 2.10.1, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to create malicious...

5.4CVSS5.7AI score0.00273EPSS
Exploits3References1
CNNVD
CNNVDadded 2024/06/04 12:0 a.m.2 views

WordPress plugin Discussion Board 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS6AI score0.00257EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/02/29 12:0 a.m.2 views

Simple Student Attendance System Security Vulnerability

Simple Student Attendance System is a simple student attendance system. A security vulnerability exists in Simple Student Attendance System version v.1.0. An attacker can exploit this vulnerability to execute arbitrary code via a specially crafted payload on the page or classmonth parameter in th...

6.1CVSS7.6AI score0.00273EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/01/16 12:0 a.m.2 views

PT-2024-11511 · WordPress · Wp-Invoice

Name of the Vulnerable Software and Affected Versions: WP-Invoice WordPress plugin versions 4.3.1 and earlier Description: The issue is related to the lack of CSRF check when updating settings and insufficient sanitization and escaping in some settings, allowing an attacker to make a logged-in...

6.1CVSS5.9AI score0.0013EPSS
Exploits2References6
CNNVD
CNNVDadded 2023/12/13 12:0 a.m.2 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS6.7AI score0.00229EPSS
Exploits0References3
CNNVD
CNNVDadded 2023/12/13 12:0 a.m.2 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS6.7AI score0.00205EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2023/06/22 12:0 a.m.10 views

CVE-2023-29708

An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload...

6.8AI score0.05747EPSS
Exploits1References2
Huntr
Huntradded 2022/12/08 3:56 a.m.26 views

Cross Site Scripting (XSS) Reflected

Description Reflected cross-site scripting or XSS arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. Proof of Concept https://github.com/phpipam/phpipam/blob/master/app/subnets/mail-notify-subnet.php look in line 94-9...

5.8CVSS5.9AI score0.00325EPSS
Exploits1References1
Rows per page
Query Builder